The Information Security Engineer II is responsible for monitoring, analyzing and maintaining technical security controls in support of the Information Security Program. This role will be focused on maintaining the security of the applications and network, which includes creation and timely execution of project plans, tool installations, assisting with upgrades of technology environments and integrating risk-based threat intelligence into the operational environment. The role also supports the ability to maintain assurance in our technical security controls so that risks to the confidentiality, integrity and availability of information systems and infrastructure are sufficiently mitigated, which, in turn, supports the bank’s operational goals. The role will also perform triage and analysis of security events escalated from the Tier-1 and Tier-2 support teams.
MAJOR DUTIES AND RESPONSIBILITIES:
- Maintain an efficient and secure IT infrastructure.
- Assist in the execution of information security projects with other engineers, vendors and consultants.
- Review, analyze, and update network security tools and document, troubleshoot, and remediate issues.
- Work with managed service providers, network administrators, and Security Operations to resolve problems, evaluate new solutions, recommend changes, and investigate incidents.
- Analyze reports, identify, and distribute action items or service tickets to support teams or vendors to address workstation, server, or network issues.
- Document and submit Change Management events in appropriate forms and represent changes to Change Advisory Committee.

EDUCATION & EXPERIENCE:

Required Education/Experience:
- Bachelor’s degree in Computer Science or Information Systems, Information Technology or related focused technical training or in lieu 4 additional years of engineering and project management experience.
- 7 years’ experience in a combination of information security operations/engineering/administration with emphasis on deploying security products.
- 4 years’ experience with designing and implementing information security technologies required.
- Familiar with security tools used for Privilege Access Management (PAM), Security Event Incident Management (SIEM), Endpoint Security (EDR), etc.
- Experience working in Microsoft network security environment with knowledge of Active Directory, Group Policy, etc.
- Knowledge working in Azure AD environments on Azure and O365 a big plus.

Job Description/HR/HDM Rev. 0717//2018

Preferred Education/Experience:
- Hands-on experience with AD tools for inventory, analysis and report on Active Directory structure, objects, permissions, etc.
- Detect and respond to unusual file access and activity which could indicate insider threats or advanced account takeover attacks using user behavior analytics.
- Experience with malware analysis using sandboxes.
- Experience with information security on the public cloud (Azure, O365) environment.
- 3 years security engineering/administration in the financial sector.

Required Certifications, Licenses or systems needed:
One or more of the following certifications (or equivalent):
- SANS GIAC Certifications, such as
  o GPPA: GIAC Certified Perimeter Protection Analyst
  o GCIH: GIAC Certified Incident Handler
  o GPEN: GIAC Penetration Tester
- CASP (CompTIA Advanced Security Practitioner)
- EC-Council Certified Ethical Hacker (CEH)

Preferred Certifications, Licenses or systems:
One or more of the following certifications (or equivalent):
- SANS GIAC Certifications such as
  o GSAE GIAC Security Audit Essentials
  o GWAPT GIAC Certified Web Application Penetration Tester
  o GSE GIAC Security Expert
- EC-Council Certified Security Analyst (ECSA)
- ISC2 System Security Certified Practitioner (SSCP) or other ISC2 or ISACA certifications

KNOWLEDGE & SKILLS REQUIRED

Required Knowledge & Skills:
- Knowledge of TCP/IP networking: networking topology, protocols and services.
- Excellent knowledge of Privilege Access Management (PAM) Tools, like CyberArk or Thycotic.
- Knowledge of Active Directory (AD) Audit Tools like Stealthbits, Varonis, Netwrix, etc.
- Excellent knowledge of SIEM (LogRhythm), NBA (ExtraHop, Stealthwatch) or UEBA tools.
- Excellent knowledge of Microsoft Operating system. Knowledge of Linux operating system is a plus.
- Strong Active Directory and Windows Group Policy (GPO) knowledge.
- Networking technology and protocols, including routers, switches, VPNs, Citrix, email gateways, etc.
- Microsoft Cloud Experience – Azure Security Center, O365 Security Center, Azure Sentinel, etc.